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DETAILED ACTION 

Acknowledgments 

1. Applicant's amendment filed on June 17, 2008 is acknowledged. Accordingly 
claims 1-16 remain pending. 



Change of Examiner 

2. Applicant is hereby advised to address all correspondence relating to this 
application to Examiner Charles C.L. Agwumezie who is currently assigned to this case. 

Response to Arguments 

3. Applicant's arguments filed June 17, 2008 have been fully considered but they 
are not persuasive with respect to claims 1-9, and 14-16. 

With respect to claim 1 , Applicant argues that Chen does not teach "providing 
data about the first entity to the second entity where data is selectively withheld or 
generalized in response to the assessment of trust." 

In response, Examiner respectfully disagrees and submits that Chen does 
disclose the claimed limitation. In Chen, the Broker withheld the true identity of the 
consumer, the sensitive financial data of the consumer and only the information 
necessary to carry out the transaction is shared with the vendor. Thus Chen does 
selectively withhold data as claimed. 

4. Applicant further argues that Chen is not particularly relevant to claim 1 or the 
claims which depend therefrom. 
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In response to applicant's argument that Chen is nonanalogous art, it has been 
held that a prior art reference must either be in the field of applicant's endeavor or, if 
not, then be reasonably pertinent to the particular problem with which the applicant was 
concerned, in order to be relied upon as a basis for rejection of the claimed invention. 
See In re Oetiker, 977 F.2d 1443, 24 USPQ2d 1443 (Fed. Cir. 1992). In this case, 
Chen is concerned with a Broker acting on behalf of a first entity and determining the 
trustworthiness of the parties to a transaction. 

5. Applicant further argues with respect to claim 14, that information about the first 
entity is selectively withheld or generalized in response to the assessment of the 
amount of trust attributed to the second data processor." 

In response, Examiner refers Applicant to the discussions in the preceding 
paragraphs. 

6. With respect to claims 3-5, 7-8 and 1 0-1 3, Applicant argues that there does not 
appears any way in which the user data can be selectively passed to one insurance 
entity and not another based on an assessment of level of trust via-a-vis the insurance 
entity. 

In response to applicant's argument that the references fail to show certain 
features of applicant's invention, it is noted that the features upon which applicant relies 
(i.e., "the user data can be selectively passed to one insurance entity and not another 
based on an assessment of level of trust via-a-vis the insurance entity") are not recited 
in the rejected claim(s). Although the claims are interpreted in light of the specification, 
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limitations from the specification are not read into the claims. See In re Van Geuns, 988 
F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). 

7. Applicant's arguments with respect to claims 10-13, have been considered but 
are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC §112 

8. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claims 10-13, are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. Specifically it is unclear to one of ordinary skill in the 
art to understand how the "trusted computer determines interrogates the data 
processing environment and polices of the third party to determine how trustworthy the 
third party is." How does one determine the trustworthiness of itself? 

Claim Rejections - 35 USC § 102 

9. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

10. Claims 1, 2 and 14-16 , are rejected under 35 U.S.C. 102(b) as being anticipated 
by Chen et al, US Patent 7096204 (hereinafter referred as Chen). 
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1 1 . Regarding claim 1 , Chen specifically discloses a method of conducting a 
transaction between a first entity and a second entity where as part of the transaction 
the second entity or an examination agent operating on behalf of the second entity 
requires information to assess a level of risk associated with transacting with the first 
entity, the method comprising the steps of: 

a) a data processor acting on behalf of the first entity requesting a data processor 
acting on behalf of the second entity to provide data about itself; (abstract, figure 6, 
column 1 lines 42-68, claim 1 ) 

b) the data processor (trusted computing platform [see abstract, column 1 lines 
42-58]) acting on behalf of the first entity analysing the response and determining an 
assessment of trust of the data processor operating on behalf of the second entity; 
(figure 6, column 1 lines 42-68, colum 9 50-65. claim 1) 

c) defining a pseudonymous identity for the first entity; and (abstract, column 1 
lines 42-68, claim 1) 

d) providing data about the first entity to the second entity where data is 
selectively withheld or generalised in response to the assessment of trust (column 1 
lines 42-column 2 line 1 0, column 2 lines 24-3', claim 1 , claim 1 1 ). 

12. With regards to claim 2 , Chen discloses a method of conducting a transaction as 
claimed in claim 1 , in which the method further comprises the step of entering into a 
contract for the transaction based on data provided about the first entity such that the 
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identity of the first entity remains unknown to the second entity (abstract, column 1 line 
42-68. claim 1). 

13. Regarding claim 14 , Chen discusses an apparatus for conducting a transaction 
comprising a first data processor acting on behalf of a second entity, and where as part 
of the transaction the second entity or an examination agent operating on behalf of the 
second entity requires information to assess a level of risk associated with transacting 
with the first entity, wherein: 

a) the first data processor requests the second data processor to provide 
information about itself and the policies of the second entity; (abstract, figure 6, column 
1 lines 42-68, claim 1) 

b) the first data processor analyses the response and assesses the amount of 
trust that should be attributed to the second data processor and/or the second 
entity (figure 6, column 1 lines 42-68, column 9 50-65. claim 1) 

c) the first data processor defines a pseudonymous identity for the first entity; 
and (abstract, column 1 lines 42-68, claim 1) 

d) the first data processor provides information about the first entity to the 
second data processor where information is associated with the 
pseudonymous identity and information is selectively withheld or 
generalised in response to the assessment of the amount of trust attributed to 

the second data processor (column 1 lines 42-column 2 line 10, column 2 lines 24-3\ 
claim 1, claim 11). 
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14. With regards to claim 15, Chen clearly discloses an apparatus as claimed in 
claim 14, in which the first computer executes a policy agent which controls how 
information relating to the first entity is disclosed, (column 1 line 59 - column 2 line 10, 
column 2 lines 24-31). 

15. Regarding claim 16. Chen discloses an apparatus as claimed in claim 14, in 
which the first computer has a trusted platform module which generates a user identity 
which can be used to confirm the identity of the first entity, (column 1 lines 42-58, claim 
1)- 



Claim Rejections - 35 USC § 103 

16. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

17. Claims 3-5. and 7-8. are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Chen as applied to claims 1 and 2 above, and further in view of Maury et al, US 
PGPub 2002/004064 (hereinafter referred to as Maury). 



18. Regarding claim 3 , Chen discloses the method of claim 1 , but does not discuss 
the additional limitation of the purchase of insurance or the evaluation of user data for 
the purposes of pricing an insurance policy. Maury discloses a method for selling 
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insurance products (abstract) which includes the step of sending user data to an 
evaluation server which places the user in a risk tier (abstract, figure 6, paragraph 
[001 1]), then sending this information to a rating server which provides a policy "quote" 
(service price) for the user (figure 6, paragraph [001 1]). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine the secure transaction process of Chen with the insurance service 
provider of Maury to offer a higher level of security to potential customers while ensuring 
that the potential customer is in possession of their identifying information. 

19. With regards to claim 4 , the method of claim 3 as discussed above further 
comprising the limitation of being able to correlate the pseudonymous identity with the 
first identity for the purposes of claim collection. Maury first discusses a client number 
which is given to the user at the time of quote generation and is then stored in a 
database alongside the user's personal data (abstract, [0012], claim 1). Additionally 
Maury discloses a number generated by the host application which is to be used by the 
customer to identify his or herself during calls to customer service representatives (fig 6, 
fig 7, [0038], [0040]). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to combine Chen with the numbering of Maury, because contacting a 
customer service representative is a necessary part of the insurance claim process, and 
providing a specific number to customers for reference, not only expedites the customer 
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service process but provides an additional level of security for customer's personal 
information. 

20. Regarding claim 5 , Chen describes the method of claim 1 and also discusses 
the use of a trusted computing platform which can be demonstrated to be reliable, to the 
user (fig 1 , column 2 lines 1 0-1 3). Maury discloses the generation of username and 
password for a customer ( fig 9, [0010], [0044]) as well as the application module used 
for customer numbering system discussed in regards to claims 4 and 12 (fig 6, fig 7, 
[0038], [0040]). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to combine the two in order to provide a high level of security for customer 
personal information while maintaining a strong correlation between the user's identities 
for the insurer. 

21. Regarding claim 7 , Chen discloses the method of claim 1 but does not discuss a 
policy agent which interacts with an examination agent in order to negotiate a policy. 
Maury discusses an on-line interface which accepts user data and transmits this to a 
quotation tool which evaluates the data and helps the customer decide which insurance 
products best suit his or her needs (fig 3, [0009], [001 1]). 
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It would have been obvious to one of ordinary skill in the art at the time of 
invention to combine Chen with the insurance selection tool of Maury in order to 
increase the level of transaction security provided by the system. 

22. With regards to claim 8 , the method of claim 5 as discussed above further 
comprising the steps of authenticating between the policy agent and the examination 
agent, for the purposes of correlating user identities. Maury discloses the secure 
examination of communications between the web-application and the various servers 
(including database and rating server) user for examination ([0034]). The web- 
application also assigns an application number to the client for the purposes of 
correlating between username and true identity (fig 6, fig 7, [0038], [0040]). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine the two in order to improve the security of customer information 
during the transaction process. 



23. Claim 6 and 9 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Chen as applied to claim 1 above, and further in view of Cammisch et al, US PGPub 
2002/0103999 (hereinafter to as Cammisch). 
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24. Regarding claim 6, Chen discloses the method of claim 1 , as well as disclosing a 
trusted computing platform (column 2 lines 10-12) but does not disclose the further 
limitation of an agent which defines how information about the user can be disclosed. 
Cammisch discloses a system in which user information is not disclosed except under 
certain circumstances ([0008], [0009], [0025]-0028]). It would have been obvious to one 
of ordinary skill in the art at the time of invention to combine the invention to offer 
greater anonymity to the user while improving system security. 

25. With regards to claim 9 , Chen discloses the method of claim 1 , but does not 
discuss the distribution of data based on user's security policy. Cammisch describes a 
system in which the user can choose which organization will receive different types of 
credentials from him or here ([0009]-[0010]). It would have been obvious to one of 
ordinary skill in the art at the time of invention because it would improve the level of user 
anonymity and overall information security. 

26. Claims 10-13 . are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Chen U.S. Patent No. 7,096,204 (hereinafter "Chen") in view of Maury et al, 
(hereinafter "Maury") US PGPub 2002/004064 and LaSalle et al U.S. Patent Application 
Publication No. 2006/0259320 A1 and further in view of Cammisch U.S. Patent 
Application Publication No. 2002/0103999. 
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27. Regarding claim 10 , Chen discloses a method of conducting a transaction 
between a vendor and a buyer via a third party via a trusted computing platform 
(abstract, column 1 lines 42-58). Chen also discusses a data processor performing an 
analysis of trust on another entity (figure 6, column 1 lines 42-68, column 9 50-65. claim 
1 ). Maury discloses the steps of an insurer making its conditions for insurance available 
to a user both by asking the user to enter personal information and providing insurance 
quotes back to the user , to which the user makes this information known by entering 
the data([0009]-[001 1], [0024]-[0025]). The entered data is then analyzed by the 
insurance system to determine what the premium to be paid by the customer will be 
(abstract, figs 4, 6, 7, [0010] - [001 1]). What is not disclosed by Chen and Maury are 
the limitations of making the insurance policy information available to a third party, 
validating that a policy has been issued, the policy agent's ability to determine and 
selectively adjust amount of information disclosure, and examining the trustworthiness 
of the third party. LaSalle describes the method in which the trustworthiness of a third 
party is established (see figs. 9-1 1 ). Cammisch discloses a method of anonymous 
credential verification. Using this method, Cammisch describes a scenario involving sale 
of insurance through the third party system, in which the insurance company requires 
verification of a driver's license certificate as a condition for obtaining insurance ([0024]- 
[0028]. Once the customer has purchased insurance, validation of this fact is done by a 
show of a credential by the customer to the potential vendor ([0026]-[0027]). Purchase 
of credentials is made by the customer through the third party, which negotiates the 
transmission of public/private keys between the two, informing the customer of what 
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information (credentials) the organization needs for verification and informs the 
organization that the customer has met requirements and a new credential should be 
issued to them ([0016]-[0018]). User information is not disclosed by the system except 
under certain circumstances ([0008], [0009], [0025]-[0028]). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine the third party transaction method of Chen, with the insurance 
purchasing method of Maury, the selective provisioning of user data of Tresser and the 
secure third party verification system of Cammisch in order to increase information 
integrity for the customer, as well as reducing risk of fraud for the insurance company 
which in turn will reduce costs. 

28. Regarding claim 11 , the method of claim 1 0 as discussed above further 
comprising the limitations of conducting the steps electronically to a trusted computing 
platform which creates a reusable identity for confirming the real identity of the user. 
Chen discloses an "Electronic Commerce System" (title) utilizing a trusted computing 
platform (abstract, column 1 lines 42-58, column 2 lines 10-13). ). Maury discloses the 
generation of username and password for a customer ( fig 9, [0010], [0044]) as well as 
the application module used for customer numbering system discussed in regards to 
claims 4 and 12 (fig 6, fig 7, [0038], [0040]). It would have been obvious to one of 
ordinary skill in the art at the time of invention to combine the two in order to provide a 
high level of security for customer personal information while maintaining a strong 
correlation between the user's identities for the insurer. 
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29. With regards to claim 12 , the method of claim 10 as discussed above further 
comprising the limitation of being able to correlate the pseudonymous identity with the 
first identity for the purposes of claim collection. Maury first discusses a client number 
which is given to the user at the time of quote generation and is then stored in a 
database alongside the user's personal data (abstract, [0012], claim 1). Additionally 
Maury discloses a number generated by the host application which is to be used by the 
customer to identify his or herself during calls to customer service representatives (fig 6, 
fig 7, [0038], [0040]). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to combine Chen with the numbering of Maury, because contacting a 
customer service representative is a necessary part of the insurance claim process, and 
providing a specific number to customers for reference, not only expedites the customer 
service process but provides an additional level of security for customer's personal 
information. 

30. Regarding claim 13 , the method of claim 1 0 as discussed above comprising the 
further limitations of a pseudonymous identity which provides pseudonymous 
information to the insurer for use in identification validation. Maury discloses the 
generation of username and password for a customer (fig 9, [0010]). Additionally, 
Maury discusses a client number which is given to the user at the time of quote 
generation and is then stored in a database alongside the user's personal data 
(abstract, [0012], claim 1). There is also a number generated by the host application 
which is to be used by the customer to identify his or herself during calls to customer 
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service representatives (fig 6, fig 7, [0038], [0040]). It would have been obvious to one 
of ordinary skill in the art at the time of the invention to combine the two in order to 
provide a high level of security for customer personal information while maintaining a 
strong correlation between the user's identities for the insurer. 

31. Claim 17 , is rejected under 35 U.S.C. 103(a) as being unpatentable over Chen 
as applied to claims 1 above, and further in view of Labelle et al (hereinafter "Labelle") 
U.S. Patent No. 7,240,017 B2. 

32. As per claim 17, Chen further discloses the method of conducting a transaction 
between a first entity and a second entity wherein the second entity comprises a 
selected one of a plurality of prospective second parties and wherein the data processor 
acting on behalf of the first entity requests one or more data processors acting on behalf 
of each of the prospective second party to provide data about itself (abstract, figure 6, 
column 1 lines 42-68, claim 1); 

b) the data processor acting on behalf of the first entity analysing the responses 
and determining an assessment of trust of the data processor operating on behalf of 
each prospective second party (figure 6, column 1 lines 42-68, colum 9 50-65. claim 1); 

c) defining a pseudonymous identity for the first entity (abstract, column 1 lines 
42-68, claim 1)); and 

d) providing data about the first entity to a group of the prospective second 
parties where data is selectively withheld or generalised for each prospective second 
party in said group of prospective second parties in response to the assessment of trust 
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associated with each data processor operating on behalf each of said group of second 
parties (column 1 lines 42-column 2 line 1 0, column 2 lines 24-3', claim 1 , claim 1 1 ). 
What Chen does not explicitly disclose is: 

providing data about first entity to a group of prospective second parties 
Labelle discloses providing data to a group of prospective second parties (see 

fig. 1; "insurance companies" fig. 2, which discloses contract with insurance companies 

204). 

Accordingly it would have been obvious to one of ordinary skill in the art at time 
of applicant's invention to modify the method of Chen and incorporate the method 
comprising , providing data about first entity to a group of prospective second parties in 
view of the teachings of Labelle since the claimed invention is merely a combination of 
old and known elements and in the combination each element merely would have 
performed the same function as it separately, and one of ordinary skill in the art would 
have recognized that the results of the combination were predictable. 



Conclusion 

33. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 
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A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Charles C.L. Agwumezie whose number is (571) 272- 
6838. The examiner can normally be reached on Monday - Friday 8:00 am - 5:00 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Calvin Hewitt can be reached on (571) 272 - 6709. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http:// pair-direct.uspto.gov . Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll free). If you would like assistance from a USPTO 
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Customer Service Representative or access to the automated information system, call 
800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Charlie C Agwumezie/ 
Examiner, Art Unit 3685 
September 24, 2008 

/Calvin L Hewitt II/ 

Supervisory Patent Examiner, Art Unit 3685 



